The problem:
When anyone sends mail to a non-existent address, Exim is still generating a bounce email. (the queue is filled with them)

I expect this is because they are sending the mail in the correct fashion:
Spammer -> Our external MX servers (whitelisted) -> CPanel box

However, I thought :fail: would prevent ANY bounces from being sent, regardless of the circumstances.

Here is the setup:
- The CPanel server is the outgoing mail server, which sends mail directly out to recipients
- All incoming mail is sent to an external MX server for filtering and then the mail is forwarded to the CPanel server for each users' mailbox.
- Users POP3 directly into the CPanel box to receive their mail.

Here are a few of the important config settings:
- All non-existent e-mail addresses are set to :fail:, both at the global level in WHM and on the specific account we have running on the server.
- The external MX servers are added to "Whitelist: Trusted Mail Hosts/Ip Blocks"
- I added a special ACL setting in Exim that denies any other external servers from trying to send mail directly to the CPanel server (spammers try that all the time). They get a 550 error if they try.

#recipient verifications are required for all messages that are not sent to the local machine
#this was done at multiple users requests
require verify = recipient
message = "The recipient cannot be verified. Please check all recipients of this message to verify they are valid. Details: $acl_verify_message"

and placing it ABOVE the [% ACL_WHITELIST_BLOCK %] and other whitelist verifications.

The server now seems to be correctly sending 550 errors on bad addresses instead of trying to send bounces.